| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-67919 | WordPress Woffice Core plugin <= 5.4.30 - Insecure Direct Object References (IDOR) vulnerability | WofficeIO | Woffice Core | Medium | 6.5 | 2026-01-08 09:17:46 | Deep Dive |
| CVE-2025-67566 | WordPress Woffice Core plugin <= 5.4.30 - Broken Access Control vulnerability | WofficeIO | Woffice Core | Medium | 5.3 | 2025-12-09 14:14:12 | Deep Dive |
| CVE-2025-7694 | Woffice Core <= 5.4.26 - Authenticated (Contributor+) Arbitrary File Deletion | WofficeIO | Woffice Core | Medium | 6.8 | 2025-08-02 03:28:19 | Deep Dive |
| CVE-2025-2780 | Woffice Core <= 5.4.21 - Authenticated (Subscriber+) Arbitrary File Upload | WofficeIO | Woffice Core | High | 8.8 | 2025-04-04 07:00:14 | Deep Dive |
| CVE-2025-2797 | Woffice Core <= 5.4.21 - Cross-Site Request Forgery to User Registration Approval | WofficeIO | Woffice Core | Medium | 5.4 | 2025-04-04 07:00:12 | Deep Dive |
| CVE-2024-37470 | WordPress Woffice Core plugin <= 5.4.8 - Unauthenticated Broken Access Control vulnerability | WofficeIO | Woffice Core | High | 8.2 | 2024-11-01 14:18:18 | Deep Dive |
| CVE-2024-37471 | WordPress Woffice Core plugin <= 5.4.8 - Site Wide Reflected Cross Site Scripting (XSS) vulnerability | WofficeIO | Woffice Core | High | 7.1 | 2024-07-04 18:57:44 | Deep Dive |